Conference:  Defcon 31
Authors: Christien 'DilDog' Rioux Cult Of The Dead Cow, Katelyn 'Medus4' Bowden Cult Of The Dead Cow
2023-08-01

Veilid is an open-source, peer-to-peer, mobile-first networked application framework, with a flagship secure messaging application named VeilidChat. Veilid is conceptually similar to IPFS + Tor, but faster and designed from the ground up to provide all services over a privately routed network. The network also enables development of distributed applications without a 'blockchain' or a 'transactional layer' at their base. Veilid can be included as part of user-facing applications or run as a standalone server for power users who wish to help build the network. Architecturally, it is written in Rust, uses strong encryption, and nodes can run on Linux, Mac, Windows, Android, iOS, and in-browser WASM. Low-level protocols run over UDP, raw TCP, WebSockets and Secure WebSockets. Nodes are optimized for low latency, high node churn, and are particularly capable of dealing with low-level network changes, such as switching from cellular to Wi-Fi networks mid-communication. This talk will focus on the internals of Veilid:
  • How it works as a protocol
  • How it leverages strong cryptography to provide private communications
  • How it provides decentralized storage and cryptographically sound data structures
  • How applications are written to leverage the Veilid Network
We will demonstrate Veilid Server, and VeilidChat, the application.
Authors: Filip Petkovski, Saswata Mukherjee
2023-04-21

tldr - powered by Generative AI

Thanos is an open-source solution for scaling Prometheus-based monitoring by providing a distributed highly-available metric system with long-term retention. It addresses challenges with scaling functionality like querying metrics across large time ranges via downsampling and ingesting metrics at scale.
  • Prometheus is a standalone monitoring system that scrapes metrics from applications and stores them locally, but it cannot handle a large multi-environment setup or retain data for a long period of time
  • Thanos fills the gaps in Prometheus by providing a global view, long-term retention, downsampling, and multi-tenancy features
  • Thanos achieves a global view by using a standalone service called PromQL and defining the store API, which allows the querier to request time series data from any component
  • Thanos also provides global alerting and rule recording through the Thanos ruler, which executes alerting rules across the entire data set
  • Thanos sidecar can be configured to upload data from Prometheus into object storage, making it easier to store data on disk for longer periods of time and move disks around
Authors: Friedrich Gonzalez, Alan Protasio
2023-04-21

tldr - powered by Generative AI

The presentation discusses the reliability and features of Cortex, a project based on Prometheus and designed for Kubernetes.
  • Cortex is designed for Kubernetes and is not a separate project from Prometheus
  • Cortex uses Thanos for reliability and provides limits to ensure reliability
  • Cortex implements vulnerable replication to ensure data is replicated across instances
  • Cortex has upcoming projects such as Gateway, Down Sampling, Federated Rules, and Native Histogram
  • There are plans to improve observability on the Cortex layer for cardinality
Authors: Rodrigo Serra Inacio, Willian Saavedra Moreira Costa
2023-04-21

tldr - powered by Generative AI

Cloud Metrics is a scalable and resilient platform for monitoring both systems and environments of a bank. The key to building this platform was isolation and reducing noise between tenants. The main components used were Kubernetes, Prometheus, Grafana, and Alert Manager. The infrastructure was built using EKS and hosted in Sao Paulo, Brazil. Users access their metrics through Graphene and Prometheus images. Each tenant has their own account and bucket to store their metrics.
  • Cloud Metrics is a platform for monitoring both systems and environments of a bank
  • Isolation and reducing noise between tenants was key to building the platform
  • Main components used were Kubernetes, Prometheus, Grafana, and Alert Manager
  • Infrastructure was built using EKS and hosted in Sao Paulo, Brazil
  • Users access their metrics through Graphene and Prometheus images
  • Each tenant has their own account and bucket to store their metrics
Authors: Zbynek Roubalik, Jorge Turrado
2023-04-20

tldr - powered by Generative AI

The presentation discusses the importance of certificate management and webhook validation in KEDA, a Kubernetes-based event-driven autoscaler.
  • Encrypting internal traffic inside the cluster is necessary to prevent unauthorized access and scaling issues
  • Keda introduces mechanisms for automatically generating TLS certificates and supports the use of custom CA
  • Validation webhooks prevent scaling conflicts and ensure that required metrics are present
  • Managed identities are a secure way to connect to cloud provider infrastructure
  • Exposing metrics is critical for monitoring Keda's performance
Authors: Daniel Lipovetsky
2023-04-20

tldr - powered by Generative AI

The presentation discusses the challenges of debugging Kubernetes applications, particularly Cluster API, and how to solve them using ephemeral containers and open-source tools.
  • Debugging Kubernetes applications is challenging due to the lack of a debugger in the pod and the separation of the target executable and process from the debugger client
  • Ephemeral containers can be used to run the debugger in the same process namespace as the target and to avoid including unnecessary utilities in the container image
  • The presenter demonstrates how to use an IDE to simultaneously debug multiple controllers in Cluster API using breakpoints
  • The use of widely-available, open-source tools such as the Delve debugger and Alpine Linux image makes interactive debugging of Kubernetes applications more accessible
Authors: Grace Nguyen
2023-04-19

tldr - powered by Generative AI

The presentation discusses the importance of securing the supply chain in open source software development and introduces tools like Salsa, Toto, and Fossio to help with governance and support.
  • Open source software is often underfunded and maintained by overworked individuals, making supply chain security a crucial issue
  • Governance and support are necessary to provide resources for open source projects to invest in tools like Salsa and supply chain security
  • Tools like Salsa, Toto, and Fossio can help with securing the supply chain by providing container signing, ephemeral certificates, and certificate authority services
  • Encryption is a key component of securing the supply chain, with digital signatures providing authenticity and identity verification
  • The presentation encourages attendees to engage with open source maintainers and participate in discussions around standards like Salsa and vulnerability scanning
Authors: Peter O'Neill
2023-04-18

Let's abstract the world of the CNCF and imagine it as an RPG board game. You will encounter level 99 developers, speakers, and content creators. Don't fear; these are not your enemies but rather a living example showing what it takes to reach the same level. Being level 1 at anything is hard, but you can quickly gain experience and level up with a simple shift in how you're already working. If you're already writing code to help you solve a problem, can you push it upstream? If you're teaching your friends the latest tech tips, can you expand your audience? If you're analyzing security trends on your internal systems, can you apply your learnings to an open-source project? With these small shifts, you are now ready to start leveling up. Not only can you level up your character, but you can level up projects. Looking at the project status will let you know the storyline difficulty:
  • Kubernetes (main storyline mmorpg+irl)
  • Graduated (standard)
  • Incubating (hard)
  • Sandbox (challenging)
When you choose to work together, every XP you gain for the project earns double XP for the players in the party. So build your team, find your quests, smash some PRs, and level up. Join me in this talk to learn how to get your player card and level up in the CNCF today!
Authors: Chao Zheng, Ed Huang
2022-10-26

tldr - powered by Generative AI

The presentation discusses the Chaos Mesh project, which is an open-source tool for chaos engineering in large-scale distributed systems. The project aims to increase the probability of reproducing bugs by injecting failures into the system. The presentation highlights the features of the project, including Azure chaos, multi-Kubernetes support, and improved usability.
  • Chaos Mesh is an open-source tool for chaos engineering in large-scale distributed systems
  • The project aims to increase the probability of reproducing bugs by injecting failures into the system
  • Features of the project include Azure chaos, multi-Kubernetes support, and improved usability
  • Azure chaos allows users to run chaos workloads on top of the Azure cloud
  • Multi-Kubernetes support enables users to run chaos experiments across multiple Kubernetes clusters using one central controller
  • Improved usability includes a drag and drop feature for defining workflows
Authors: Rishit Dagli
2022-10-25

tldr - powered by Generative AI

The speaker, a high school student involved in Kubernetes and CloudNative, shares their perspective on open source and motivates the audience to contribute to the CloudNative ecosystem and open-source software in general.
  • Open source can be intimidating, but finding your motivation to contribute can help
  • Open source is about learning, teaching, mentorship, feedback, and networking
  • Kubernetes and CNCF are great avenues to start your open source journey
  • Opinionated tips include not being afraid to ask, giving back, and it's okay to not know everything